Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
503
Views
0
Helpful
1
Replies

Anyconnect Radius Question

dcabinet1
Level 1
Level 1

‎04-15-2009 09:47 AM - edited ‎02-21-2020 03:24 AM

I have a ASA 5510 and I'm currently using it to serve my VPN client (ipsec) users. I want to be able to also use it for the AnyConnect client but limit who can use the client to connect. I'm authenticating my users using a Windows IAS server and I push down ACLs via the AV Pair attribute. Is there a way via radius or on the ASA to specify which users are allowed to use the AnyConnect client? I need to limit access to this. I wasn't able to find anything in the documentation but I may be missing something.

Thanks for the assistance.

0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎04-17-2009 07:17 AM

You can use the IETF Class value (att 25) to pass along a string to the asa, using this string, you can have the ASA to place the user on a specific group-policy that matches that string and in the group-policy you can have the tunnel-protocol svc or webvpn enabled or not. When the user that should not be connecting via anyconect receives the string and the asa places the user on the group-policy that does not have that tunnel protocol enabled, the connection will never happen.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card